• Data protection / privacy

PRIVACY POLICY

1. Data processing controller

The controller, as defined in Art. 4(7) of the General Data Protection Regulation (GDPR), is

 

Foggenberger GmbH
Tel.: +43 316 771 771-0
dsgvo@foggis.at

 

The website uses SSL or TLS encryption to minimise potential security vulnerabilities as much as possible. Please note, however, that internet-based data transfers are prone to security vulnerabilities and absolute protection against third-party access is therefore impossible. 

 

Our website can be used without providing any personal data. Deviating provisions may arise in this respect for the use of individual services of our website; these are explained separately below. The following sections inform you about the nature, scope and purpose of personal data collected, used and processed by the controller.

2. Processing of the data of individuals connected to our business

We process the data that diverse groups of people have provided to us themselves, for example through emailing us with an enquiry, or through entering into a contract or a business relationship. We also process the data of people who attend events or seminars.

 

2.1 Data subjects

We process the following data related to prospective customers: company name, contact person’s name and work-related contact data, address.

 

We process the following data related to customers: company name, title and name of the contact persons, work-related address and contact data, bank details, contract information, including data related to creditworthiness.

 

We process the following data related to suppliers and business partners: company name, title and name of the contact persons, work-related address and contact data, bank details, contract information.

 

2.2 Transfer of data

We only pass personal data on to third parties if this is for the purpose of processing and fulfilling a contract, or as a result of statutory requirements.

 

2.3 Data retention/erasure

The data will be deleted by us as soon as there is no longer a requirement for us to store it, or statutory retention periods – e.g. for VAT-related purposes – have expired. Should the basis for processing constitute consent, we will restrict processing or delete the data if this consent is revoked – unless statutory provisions preclude this.

 

2.4 Communicating by email

If you contact us by email, the data you provide us with will be stored on the basis that you have consented to this, so that we can answer your enquiry. The data arising out of this exchange will be deleted by us once there is no longer a requirement to process it; or we will restrict its processing if we have to observe a statutory retention period.

 

2.5 Basis in law

The basis in law for the processing of data is

- establishment of a contract and contract performance, in accordance with Art. 6(1)(b) GDPR

- compliance with legal obligations, in accordance with Art. 6(1)(c) GDPR (for example, legally required retention and documentation obligations)

- legitimate interest on the part of our company, within the meaning of Art. 6(1)(f) GDPR (e.g. for statistical analysis)

- Art. 6(1)(a) GDPR applies where consent has been obtained (e.g. using images, or data for advertising purposes).

 

3. Data processing if contact is established via our website, newsletter or a job application

3.1 Establishing contact

If you have used the form on our website to request that we contact you or to send us a message, we will store the data relating to you that is required for communications. This will be your first name and surname, your email address, telephone number and any data you give us in the contact form. The data will be deleted by us as soon as there is no longer a requirement for us to store it or you withdraw your consent to processing. 

 

Legal basis: Art. 6(1)(a) GDPR

 

3.2 Newsletter

You have the option to subscribe to our newsletter. We need your email address for this. You can cancel the newsletter at any time. Once we have received your cancellation notice, we will no longer use your data for sending out newsletters. If we do not have any form of business relationship with you and we do not have to observe a statutory retention period, your data will be deleted when you cancel the newsletter.

 

Legal basis: Art. 6(1)(a) GDPR

 

3.3 Job applicants

If you send us documents supporting a job application, we will process the personal data contained in them along with your curriculum vitae and your references for the purposes of selecting a person for the job. If we do not offer you the job, we will delete your documents 7 months from the date we inform you that you have not been selected.

 

Legal basis: Art. 6(1)(a) GDPR

 

If you consent to us holding your information on file for possible contact at a later point, we will send you a formal request to give us your consent. If you explicitly give us this consent, we will store your consent. If no further job opportunities arise within a year, we will delete all your job application data one year from the date you sent us your consent.

 

Legal basis: Art. 6(1)(a) GDPR

 

4. Data processed when visiting our website

4.1 Use of the website for information purposes

If you use our website purely for information purposes, we will only capture the personal data transmitted from your browser to our server. If you wish to look at our website, we will capture no more than that data which we require technically to display our website to you and to ensure its stability and security.

 

- IP address

- Date and time of the query

- Time zone difference to Coordinated Universal Time (UTC)

- Query content (specific pages)

- Access status/HTTP status code

- Website from which the query originates

- Browser

- Operating system and its interface

- Language and version of the browser software

 

Legal basis: Art. 6(1)(f) GDPR

 

4.2 Cookies

In addition to the abovementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive; and which provide certain information back to the site which set the cookie (in this case, ours). Cookies cannot run programs or transmit viruses to your computer.

 

The cookie allows you to be recognised when you revisit the website, without you having to re-enter data already entered.

 

The information contained in the cookies is used, for instance, to determine whether you are logged in, or what data you have already entered, or to recognise you as a user if a link is established between our web server and your browser. Cookies are automatically accepted by most web browsers.

 

If your browser settings accept cookies, by using our websites you agree to the deployment of these cookies.

 

4.2.1 Transient cookies

Transient cookies are automatically deleted when you close the browser. This type of cookie includes, in particular, session cookies. These store a so-called session ID, which allows it to assign various queries from your browser to the session. This allows your computer to be recognised when you return to our website. Session cookies are deleted when you logout or close the browser.

 

4.2.2 Persistent cookies

Persistent cookies are automatically deleted after a specified period of time which can vary according to the cookie deployed. You can delete these cookies in your browser’s security settings at any time.

 

4.2.3 Third-party cookies

These come from providers other than the website operator. They can be used, for instance, to collect information for marketing purposes, user-defined content and web statistics.

 

4.2.4 Browsers

Most browsers are set to accept all cookies as standard. You can set your browser to inform you when cookies are being set and to allow cookies only on an individual basis; to stop cookies being set for specific cases or, indeed, generally; and to automatically delete cookies when you close the browser. If cookies are deactivated, this can restrict the functionality of our website.

 

You yourself can delete any cookies stored on your PC at any time, by deleting temporary internet files.

 

Legal basis: Art. 6(1)(f) GDPR (in the case of technical cookies), Art. 6(1)(a) GDPR (for all other cookies)

 

4.3 Data processing in the USA

When you visit our website, it cannot be precluded that personal data will be transmitted to the USA. Where this is the case, we point this out separately in this Privacy Statement.

 

In order to transmit personal data to a third country or an international organisation, Art. 46 GDPR specifies that so-called appropriate safeguards must be provided. These do not exist for the USA.

 

Possible risks which, in conjunction with the aforementioned information, cannot be precluded for you as a data subject at this time, include in particular:

 

- Your personal data could possibly be transmitted, for purposes over and above those required for the actual intended transaction, by the service provider in question to other third parties (e.g. to US public authorities).

- You might not be able to assert or enforce your rights to be informed by the service provider in question.

- There is potentially a higher probability that data might not be correctly processed, as the technical and organisational measures in place to protect personal data do not fully meet the requirements of the GDPR, both quantitatively and qualitatively.

 

By giving your consent to have (advertising and marketing) cookies processed, you are consenting explicitly to your data being transferred to the USA. You can delete any cookies stored on your PC at any time, by deleting temporary internet files.

 

Legal basis: Art. 6(1)(a) GDPR

 

5. Data processing when using Clickcease

This website uses the functions of the advertising analysis service Clickcease (CHEQ AI Technologies Ltd., Yehuda Halevi 23 St., Tel Aviv, Israel). The service provider captures, stores and processes information that your browser automatically relays. This includes, in particular, the browser type and version, the operating system used, the referrer URL, the host name of the computer accessing, the time of the server query and the IP address. The amount of time you spend on our web pages, the number of pages accessed and the search words used are also stored.
The provider of this web tool analyses this data for striking behaviour with respect to click fraud, that is, the frequency with which an IP clicks on an advert. The data captured is processed and stored outside of the European Economic Area. The company is headquartered in Israel; the country has an adequacy decision issued by the European Union and is governed by this in respect of data protection laws.

 

Further information and the company's privacy policy can be viewed at https://www.clickcease.com/privacy.html.

 

Legal basis: Art. 6(1)(a) GDPR

 

6. Data processing when using Facebook Connect

Your Facebook profile can also be used to login to the website by way of the Facebook Connect facility of the social network Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).

 

By clicking on the button for this, a pop-up opens which has the same design as the Facebook login screen. You enter your Facebook login data in it, agree to data transmission and are logged in to our website as a result. If you are already logged in to Facebook, you do not need to login to our website. The link between Facebook and our website is established automatically. You must nevertheless have clicked to agree to certain data on Facebook being accessed.

 

Our contract is with Facebook Ireland – however, it is possible that Facebook Ireland will transmit personal data to Facebook USA.

 

Using this service causes personal data to be transmitted to the USA – or, at least, it cannot be precluded that such transmission occurs! – For more information, please see 4.3. of this Statement.

 

We have enabled the Automatic Advanced Matching feature in connection with the Facebook Pixel feature. This allows us to share hashed email addresses, names, gender, city, state, postcode and dates of birth or phone numbers with Facebook if you have provided us with this information. This allows us to target our advertising campaigns on Facebook even more specifically to people who are interested in our products or services.

 

You can get further information from the Facebook Data Policy at https://de-de.facebook.com/policy.php.

 

You will find information specifically about Facebook pixel at https://de-de.facebook.com/business/help/651294705016616.

 

Legal basis: Art. 6(1)(a) GDPR

 

7. Data processing with Google services

We have a contract with Google Ireland Limited (“Google”), which is a company registered (company register no. 368047) in Ireland and operating under Irish law. The company’s registered office is at Gordon House, Barrow Street, Dublin 4, Ireland. It is nevertheless possible that data from Europe will be relayed to the USA – as a company, we have no influence on this.

 

Using this service causes personal data to be transmitted to the USA – or, at least, it cannot be precluded that such transmission occurs! – For more information, please see 4.3. of this Statement.

 

Legal basis: Art. 6(1)(a) GDPR

 

7.1 Google Analytics

This website uses the “activation of IP anonymization” function (that means, Google Analytics has been enhanced with the code “gat._anonymizeIp();”, which causes IP addresses to be captured anonymously (so-called IP masking)). As a result, your IP address is truncated by Google in member states of the European Union or in states that are parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the USA and truncated there.

 

Google states that it uses the information gleaned in order to analyse your use of the website, compile reports on website activity and provide us with further services linked to website and internet usage. The IP address relayed by your browser and captured by Google Analytics is not amalgamated with other data from Google. Google will, however, pass this information on to third parties in certain circumstances if this is a statutory requirement or where third parties process the data for Google. You can prevent the cookies being stored by adjusting the relevant setting in your browser software. However, we should point out to you that if you do, you may not be able to use all the features of the websites to the full. Furthermore, you can prevent Google from capturing the data relating to your usage of the websites that is generated by the cookie (including your anonymised IP address) and from processing this data by downloading and installing the browser plug-in available through this link (https://tools.google.com/dlpage/gaoptout?hl=de).

 

You will find more detailed information about the terms and conditions of use and about data protection at https://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.

 

7.2 Google Analytics Conversion Tracking (Google Ads)

This website also uses the Google Conversion Tracking facility. This causes Google Ads to set a cookie on your computer if you came to our website via an advert on Google. These cookies expire after 30 days and are not used for personal identification. If a user visits certain pages on an Ads customer’s website and the cookie has not yet expired, Google and the customer can see that the user clicked on the advert and was taken to this page. Every Ads customer receives a different cookie. Cookies can therefore not be tracked and monitored across the websites of Ads customers. The information obtained with the aid of the conversion cookies is used to compile conversion statistics for Ads customers who have signed up for conversion tracking. The Ads customers find out the total number of users who clicked on their advert and were taken to a page which has a conversion tracking tag on it. But they do not receive any information allowing them to identify users personally. If you do not want to be part of the tracking process, you can reject having the required cookie set on your device – for example, through the browser setting that deactivates the setting of cookies in general. You can also deactivate conversion tracking cookies by changing your browser settings to block cookies from the domain “www.googleadservices.com”. Google’s data protection guidance can be found here.

 

If you use SSL search, Google’s encrypted search function, in most cases the search keywords will not be sent as part of the URL in the referrer URL. There are, however, a few exceptions to this – for example, if you use certain less popular browsers. You can find further information on SSL searches here. Search requests or information in the referrer URL can, in certain circumstances, also be viewed in Google Analytics or an Application Programming Interface (API). Additionally, advertisers may possibly receive information on the exact search keywords used that led to users clicking on an advert. https://policies.google.com/faq?hl=de

 

7.3 Google Fonts

We use Google Fonts. There is no authentication involved in using Google Fonts and no cookies are sent to the Google Fonts API. If you have a Google account, none of your Google account information is relayed to Google whilst using Google Fonts. Google only records that CSS has been used and which fonts were used, and stores this data securely. More information on this and the answers to other questions can be found here: https://developers.google.com/fonts/faq.

 

You can find out what data is captured by Google and what it is used for here: https://www.google.com/intl/de/policies/privacy/.

 

7.4 Google APIS/AJAX and JQUERY

In order to optimise loading speed, usability and indexing of our website, we use JavaScript technologies and the corresponding program libraries and CDNs (Content Delivery Networks) provided by third-party suppliers – specifically, the jQuery JavaScript library from the jQuery Foundation, the Google APIs programming interface and the Google AJAX Search API, both from Google. When you visit our website, these third-party suppliers may receive information about your visit to our website containing personal data – in particular, through the transmission of your IP address. It is possible that this data will be processed outside the EU. You can prevent this by installing a JavaScript blocker or by deactivating JavaScript in your browser. Deactivating or blocking JavaScript may lead to functional limitations on internet pages using JavaScript technologies. You can find further information on data processing at/by Google in the Google data protection policies, which can be retrieved currently at https://www.google.de/intl/de/policies/privacy/; and in the case of jQuery on the JS Foundation website at js.foundation/about/governance/privacy-policy.

 

7.5 Google+ button

We have integrated the +1 button from Google Plus into our website. If you access our website, your browser establishes a direct link with the Google server. If you do not click on the button, Google states that no personal data will be processed. Personal data will only be processed if you are logged in to your Google Plus account. If you wish to prevent Google Plus from processing your data, you should log out of Google Plus before visiting our website.

 

7.6 Google Gstatic

Gstatic is a domain used by Google to load static content to another domain name in order to reduce bandwidth usage and to increase network performance for the end user.

 

7.7 Google Maps

We use the Google Maps service offering on this website. It allows us to show you interactive maps directly in the website and to enjoy convenient usage of the maps function. By visiting the website, Google receives the information that you have accessed the relevant sub-page on our website. In addition, the data described in the section “Use of the website for information purposes” above is transmitted. This happens independently of whether Google is providing a user account that you are logged into, or whether no such user account exists. If you are logged in to Google, your data will be directly attributed to your account. If you do not wish this data to be attributed to your Google profile, you must log out prior to clicking on the button. Google saves your data as a usage profile and uses it for the purposes of advertising, market research and/or demand-oriented design of its website. This analysis is performed in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network of your activities on our website. You have the right to object to the creation of these user profiles, but you must contact Google directly to exercise this right.

 

You will find further information on the purpose and scope of the data capture and its processing by the plug-in provider in the provider’s data protection declaration. You will also find further information there on your rights and settings options available to protect your privacy: http://www.google.de/intl/de/policies/privacy.

 

7.8 Google Remarketing

We use the Google Remarketing service on this website. Google Remarketing allows the posting of adverts aimed at users who have already visited our website in the past. As a result of this, adverts modified to take account of their interests can be displayed on our page within the Google advertising network. Google Remarketing uses cookies for this analysis.

 

7.9 Google Tag Manager

We use so-called Google tag managers to identify your user behaviour. Google Tag Manager is a solution allowing marketers to manage website tags via an interface. The tool itself (which implements the tags) is a cookie-free domain and does not capture any personal data. The tool triggers other tags which may themselves capture data. Google Tag Manager does not access this data. If the facility is deactivated at domain or cookie level, it will apply for all tracking tags implemented using Google Tag Manager.

 

More detailed information can be found here: https://www.google.com/intl/de/tagmanager/faq.html.

 

Legal basis: Art. 6(1)(a) GDPR

 

8. Data processing when using Instagram

On our website we use functions of the social media network Instagram, which is owned by Instagram, LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA.

 

Using this service causes personal data to be transmitted to the USA – or, at least, it cannot be precluded that such transmission occurs! – For more information, please see 4.3. of this Statement.

 

We are able to display images and videos with the functions to embed Instagram content. By viewing pages that use these functions, data (namely: the IP address, browser data, date, time, cookies) is relayed to and stored and analysed by Instagram. If you are logged into your Instagram account whilst surfing on our website, this data will be attributed to your personal account. You can find the data protection policy, as well as information about the data Instagram collects and how it is used, at https://help.instagram.com/519522125107875.

 

Legal basis: Art. 6(1)(a) GDPR

 

9. Data processing when using server log files

In order to optimise this website in respect of system performance, user friendliness and the provision of useful information about our services, the website provider captures and stores information automatically in so-called server log files, which your browser relays to us automatically. This covers the Internet Protocol address (IP address) of the computer (or mobile device) accessing the website, browser and language settings, operating system, referrer URL, your internet service provider and the date/time.

 

This data is not amalgamated with any personal data sources. We reserve the right to examine this data retroactively should we have any specific indications of illegal usage of the system and – if a hacking attack has taken place – to pass the data to the law enforcement authorities. Over and above this, there will be no sharing of data with third parties.

 

Legal basis: Art. 6(1)(f) GDPR

 

10. Data processing when using MS Clarity

If you give your consent, we process your personal data on our website using the web analysis software Microsoft Clarity. The service provider is the American company Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

 

Microsoft Clarity collects certain information when you use our services, including

- Device information: IP address, browser type, operating system and device model

- Usage data: websites visited, interactions with content and usage statistics

- Tracking data: Recording of user interactions such as mouse movements, keystrokes and clicks

 

We use the data collected to:

- Provide and maintain Microsoft Clarity and related services to you,

- Improve our services, fix bugs and develop new features,

- perform analytics to understand the use and performance of our services; and

- Provide you with relevant support and customer service.

 

We will retain your information for as long as necessary to provide our services and comply with legal obligations.

 

The legal basis for data processing is your consent in accordance with § 165 (3) TKG 2021. Microsoft transfers your personal data to the USA. The legal basis for the data transfer to the USA is your consent in accordance with Art 45 (1) in conjunction with Art 6 (1) lit a GDPR. Microsoft is listed in the EU-U.S. Data Privacy Framework List and thus offers a guarantee of compliance with European data protection law.
https://www.dataprivacyframework.gov/s/participant-search

 

In addition, Microsoft uses so-called standard contractual clauses within the meaning of Art 46 (2) and (3) GDPR. Standard contractual clauses are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries. Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Microsoft undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

 

You can find more information on the standard contractual clauses at Microsoft at https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses.

 

You can find out more about the data that is processed through the use of Microsoft in the privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

11. Your rights

You have the following rights vis-à-vis our company with respect to your personal data:

 

- the right to information, rectification and erasure

- the right to restrict processing

- the right to object to processing

- the right to data portability

 

Please email any queries or concerns you may have to  dsgvo@foggis.at  or contact us by one of the contact methods shown above.

 

Should you feel that we have infringed Austrian or European data protection legislation in the way we have processed your data and as a result violated your rights, please contact us so that we can investigate and answer any questions.

 

You also have the right to complain to the supervisory authority in Austria:

 

Austrian Data Protection Authority [Datenschutzbehörde], Barichgasse 40-42, 1030 Vienna, telephone: +43 1 52 152-0

Email: dsb@dsb.gv.at

 

12. Changes to this Privacy Statement

We reserve the right to modify our Privacy Statement from time to time. All changes to our Privacy Statement will be published on this website. Please therefore be sure to refer to the latest version of our Privacy Statement.

 

The product is being added to your cart ...
The product is being removed from your cart ...
Your order is being processed ...